paulo, since he wants to track what's relevant (update, insert, replace and such) he can conveniently stick the functionality for the tracking table into the very same ZSQL methods that handle the write operations, which in turn already use a privileged connection that is allowed to write. jens Jens Vagelpohl Systems Administrator Washtenaw Development Council
-----Original Message----- From: neves@inf.puc-rio.br [mailto:neves@inf.puc-rio.br]On Behalf Of Paulo Eduardo Neves Sent: Wednesday, September 22, 1999 21:36 To: zope@zope.org Cc: Jim Rowan Subject: Re: [Zope] AUTHENTICATED_USER in zsql db connections?
Jens Vagelpohl wrote:
hi jim,
<snippers>
Is there any way to accomplish this? (I tried the obvious, making the connection string be dbname@localhost AUTHENTICATED_USER ; that didn't work... :)
<snippers>
this cannot work because when the user accesses the database
through zope
the connection is usually already there. it's a persistent connection that is opened right away. if your goal is to keep track of who does stuff you might do a dirty workaround and create another table in your database to capture the name of AUTHENTICATED_USER and other information needed and timestamp. important interactions (updates, inserts, etc) could write this info into the database by providing a second part to the ZSQL methods involved.
To solve the access problem you can also have two DB connections. One with the right to insert, delete, update and another just with select access. In the Zope security tab give anonymous access to the later and a special role access to the first. You'd still have to log who's doing what.
hope this helps, -- Paulo Eduardo Neves maito:neves@email.com
_______________________________________________ Zope maillist - Zope@zope.org http://www.zope.org/mailman/listinfo/zope
(To receive general Zope announcements, see: http://www.zope.org/mailman/listinfo/zope-announce
For developer-specific issues, zope-dev@zope.org - http://www.zope.org/mailman/listinfo/zope-dev )